ExamGecko
Search Search Login
Home Home / Microsoft / AZ-104

Microsoft AZ-104 Practice Test - Questions Answers, Page 9

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You need to the appropriate sizes for the Azure virtual for Server2. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
DRAG DROP You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Answer:
HOTSPOT You need to implement Role1. Which command should you run before you create Role1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev. You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group. Solution: On Dev, you assign the Contributor role to the Developers group. Does this meet the goal?
You discover that VM3 does NOT meet the technical requirements. You need to verify whether the issue relates to the NSGs. What should you use?
Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft Entra tenant named contoso.com. You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the 500 external users. Solution; From Microsoft Entra ID in the Azure portal, you use the Bulk invite users' operation. Does this meet the goal?
You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements. Which storage account should you identify?
HOTSPOT You need to create storage5. The solution must support the planned changes. Which type of storage account should you use, and which account should you configure as the destination storage account? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You need to identify the storage requirements for Contoso. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Which blade should you instruct the finance department auditors to use?

Question 81

Report
Export
Collapse

DRAG DROP

You have an Azure subscription. The subscription includes a virtual network named VNet1. Currently,

VNet1 does not contain any subnets.

You plan to create subnets on VNet1 and to use application security groups to restrict the traffic between the subnets. You need to create the application security groups and to assign them to the subnets.

Which four cmdlets should you run in sequence? To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order.


Question 81
Correct answer: Question 81

Explanation:

Step 1: New-AzureRmNetworkSecurityRuleConfig

Step 2: New-AzureRmNetworkSecurityGroup

Step 3: New-AzureRmVirtualNetworkSubnetConfig

Step 4: New-AzureRmVirtualNetwork

Example: Create a virtual network with a subnet referencing a network security group

New-AzureRmResourceGroup -Name TestResourceGroup -Location centralus $rdpRule = New-AzureRmNetworkSecurityRuleConfig -Name rdp-rule -Description "Allow RDP" -

Access Allow -Protocol Tcp -Direction Inbound -Priority 100 -SourceAddressPrefix Internet -

SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 3389

$networkSecurityGroup = New-AzureRmNetworkSecurityGroup -ResourceGroupName

TestResourceGroup -Location centralus -Name "NSG-FrontEnd" -SecurityRules $rdpRule

$frontendSubnet = New-AzureRmVirtualNetworkSubnetConfig -Name frontendSubnet -

AddressPrefix "10.0.1.0/24" -NetworkSecurityGroup $networkSecurityGroup

$backendSubnet = New-AzureRmVirtualNetworkSubnetConfig -Name backendSubnet -

AddressPrefix "10.0.2.0/24" -NetworkSecurityGroup $networkSecurityGroup

New-AzureRmVirtualNetwork -Name MyVirtualNetwork -ResourceGroupName TestResourceGroup -

Location centralus -AddressPrefix "10.0.0.0/16" -Subnet $frontendSubnet,$backendSubnet

Reference: https://docs.microsoft.com/en-us/powershell/module/azurerm.network/newazurermvirtualnetwork?

view=azurermps-6.7.0

Question 82

Report
Export
Collapse

HOTSPOT

You create a virtual machine scale set named Scale1. Scale1 is configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.


Question 82
Correct answer: Question 82

Explanation:

As cooling period and scale in and scale out durations are not displayed in the graphical view, so we need to consider the default values as below for these settings.

Cool down (minutes) : The amount of time to wait before the rule is applied again so that the autoscale actions have time to take effect. Default is 5 minutes.

Duration : The amount of time monitored before the metric and threshold values are compared.

Default is 10 minutes.

Box 1: 4 virtual machines

The Autoscale scale out rule increases the number of VMs by 2 if the CPU threshold is 80% or higher for more than or equals to 10 mins due to default duration for scale in and out is 10 minutes. Since

CPU utilization at 85% only lasts for 6 mins , it does not trigger the rules.

Hence no of virtual machines will be same as the initial value which is 4.

Box 2: 4 virtual machines

The Autoscale scale in rule decreases the number of VMs by 4 if the CPU threshold is 30% or lower for more than or equal to 10 mins. due to default duration for scale in and out is 10 minutes . Since

CPU utilization at 30% only lasts for 6 mins , it does not trigger the rules. Hence after first 6 mins instance count will be same as initial count as 4. After that CPU utilization reached to 50% for 6 mins , which again would not trigger the scale in rule. Therefore no of virtual machines will be same as the initial value which is 4.

Reference:

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-overview

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-best-practices

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-common-scale-patterns

Question 83

Report
Export
Collapse

HOTSPOT

You need to create an Azure Storage account that meets the following requirements:

• Minimizes costs

• Supports hot, cool, and archive blob tiers

• Provides fault tolerance if a disaster affects the Azure region where the account resides

How should you complete the command? To answer, select the appropriate options in the answer are

a. NOTE: Each correct selection is worth one point


Question 83
Correct answer: Question 83

Explanation:

Box 1: StorageV2

You may only tier your object storage data to hot, cool, or archive in Blob storage and General Purpose v2 (GPv2) accounts. General Purpose v1 (GPv1) accounts do not support tiering.

General-purpose v2 accounts deliver the lowest per-gigabyte capacity prices for Azure Storage, as well as industry-competitive transaction prices.

Box 2: Standard_GRS

Geo-redundant storage (GRS): Cross-regional replication to protect against region-wide unavailability.

Incorrect Answers:

Locally-redundant storage (LRS): A simple, low-cost replication strategy. Data is replicated within a single storage scale unit.

Read-access geo-redundant storage (RA-GRS): Cross-regional replication with read access to the replica. RA-GRS provides read-only access to the data in the secondary location, in addition to georeplication across two regions, but is more expensive compared to GRS.

Reference:

https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy-grs

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers

Question 84

Report
Export
Collapse

DRAG DROP

You have an Azure subscription that contains an Azure file share.

You have an on-premises server named Server1 that runs Windows Server 2016.

You plan to set up Azure File Sync between Server1 and the Azure file share.

You need to prepare the subscription for the planned Azure File Sync.

Which two actions should you perform in the Azure subscription? To answer, drag the appropriate actions to the correct targets. Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.


Question 84
Correct answer: Question 84

Explanation:

As per the official MS doc:

The recommended steps to onboard on Azure File Sync for the first with zero downtime while preserving full file fidelity and access control list (ACL) are as follows:

1. Deploy a Storage Sync Service. --> This needs to be done on Azure .

2. Create a sync group. --> This needs to be done on Azure

3. Install Azure File Sync agent on the server with the full data set. --> This needs to be done on server1.

4. Register that server and create a server endpoint on the share. --> This needs to be done on server1.

5. Let sync do the full upload to the Azure file share (cloud endpoint).

6. After the initial upload is complete, install Azure File Sync agent on each of the remaining servers.

7. Create new file shares on each of the remaining servers.

8. Create server endpoints on new file shares with cloud tiering policy, if desired. (This step requires additional storage to be available for the initial setup.)

9. Let Azure File Sync agent do a rapid restore of the full namespace without the actual data transfer.

After the full namespace sync, sync engine will fill the local disk space based on the cloud tiering policy for the server endpoint.

10. Ensure sync completes and test your topology as desired.

11. Redirect users and applications to this new share.

12. You can optionally delete any duplicate shares on the servers.

First action: Create a Storage Sync Service

The deployment of Azure File Sync starts with placing a Storage Sync Service resource into a resource group of your selected subscription.

Second action: Create a sync group

A sync group defines the sync topology for a set of files. Endpoints within a sync group are kept in sync with each other. A sync group must contain one cloud endpoint, which represents an Azure file share and one or more server endpoints. A server endpoint represents a path on a registered server.

A server can have server endpoints in multiple sync groups. You can create as many sync groups as you need to appropriately describe your desired sync topology.

Third action: Run Server Registration

Registering your Windows Server with a Storage Sync Service establishes a trust relationship between your server (or cluster) and the Storage Sync Service. A server can only be registered to one

Storage Sync Service and can sync with other servers and Azure file shares associated with the same

Storage Sync Service. )

Reference:

https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deploymentguide? tabs=azure-portal

Question 85

Report
Export
Collapse

HOTSPOT

You have several Azure virtual machines on a virtual network named VNet1.

You configure an Azure Storage account as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.


Question 85
Correct answer: Question 85

Explanation:

Box 1: never

For Subnet 10.2.9.0/24, endpoint (Refer to first endpoint) is not enabled into the storage account shown in the exhibit. Hence there would not be any connectivity to the file shares in storage account.

To establish this connection you must have to enable the endpoint.

Box 2: never

After you configure firewall and virtual network settings for your storage account, select Allow trusted Microsoft services to access this storage account as an exception to enable Azure Backup service to access the network restricted storage account. As this required setting is missing , so Azure backup will not be able to take backup of unmanaged disks.

Reference:

https://docs.microsoft.com/en-us/azure/storage/common/storage-private-endpoints

https://azure.microsoft.com/en-us/blog/azure-backup-now-supports-storage-accounts-secured-with-azurestorage-firewalls-and-virtual-networks/

Question 86

Report
Export
Collapse

You plan to use the Azure Import/Export service to copy files to a storage account.

Which two files should you create before you prepare the drives for the import job? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A.
an XML manifest file
A.
an XML manifest file
Answers
B.
a driveset CSV file
B.
a driveset CSV file
Answers
C.
a dataset CSV file
C.
a dataset CSV file
Answers
D.
a PowerShell PS1 file
D.
a PowerShell PS1 file
Answers
E.
a JSON configuration file
E.
a JSON configuration file
Answers
Suggested answer: B, C

Explanation:

B: Modify the driveset.csv file in the root folder where the tool resides.

C: Modify the dataset.csv file in the root folder where the tool resides. Depending on whether you want to import a file or folder or both, add entries in the dataset.csv file

Reference: https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-datato-files

Question 87

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains an Azure Storage account.

You plan to copy an on-premises virtual machine image to a container named vmimages.

You need to create the container for the planned image.

Which command should you run? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 87
Correct answer: Question 87

Explanation:

Box 1: make

Here the purpose is to 'create a container". So the correct command would be azcopy make.

Box 2: blob

The requirement is for storing that image, it's not used to build AKS. So blob is correct option.

Reference:

https://adamtheautomator.com/azcopy-copy-files/

Question 88

Report
Export
Collapse

HOTSPOT

You have a sync group that has the endpoints shown in the following table.

Cloud tiering is enabled for Endpoint3.

You add a file named File1 to Endpoint1 and a file named File2 to Endpoint2.

You need to identify on which endpoints File1 and File2 will be available within 24 hours of adding the files.

What should you identify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 88
Correct answer: Question 88

Explanation:

File1: Endpoint3 only

Cloud Tiering: A switch to enable or disable cloud tiering. When enabled, cloud tiering will tier files to your Azure file shares. This converts on-premises file shares into a cache, rather than a complete copy of the dataset, to help you manage space efficiency on your server. With cloud tiering, infrequently used or accessed files can be tiered to Azure Files.

File2: Endpoint1, Endpoint2, and Endpoint3

Reference:

https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-cloud-tiering

Question 89

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains an Azure Directory (Azure AD) tenant named contoso.com. The tenant is synced to the on-premises Active Directory domain. The domain contains the users shown in the following table.

You enable self-service password reset (SSPR) for all users and configure SSPR to have the following authentication methods:

Number of methods required to reset: 2

Methods available to users: Mobile phone, Security questions

Number of questions required to register: 3

Number of questions required to reset: 3

You select the following security questions:

What is your favorite food?

In what city was your first job?

What was the name of your first pet?

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 89
Correct answer: Question 89

Explanation:

Box 1: No

Administrator accounts are special accounts with elevated permissions. To secure them, the following restrictions apply to changing passwords of administrators:

On-premises enterprise administrators or domain administrators cannot reset their password through Self-service password reset (SSPR). They can only change their password in their onpremises environment. Thus, we recommend not syncing on-prem AD admin accounts to Azure AD.

An administrator cannot use secret Questions & Answers as a method to reset password.

Box 2: Yes

Self-service password reset (SSPR) is an Azure Active Directory feature that enables employees to reset their passwords without needing to contact IT staff.

Box 3: Yes

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment

Question 90

Report
Export
Collapse

You have an Azure Active Directory (Azure AD) tenant named contoso.com that is synced to an Active Directory domain. The tenant contains the users shown in the following table.

The users have the attributes shown in the following table.

You need to ensure that you can enable Azure Multi-Factor Authentication (MFA) for all four users.

Solution: You add an office phone number for User2.

Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Explanation:

User3 requires a user account in Azure AD.

Note: Your Azure AD password is considered an authentication method. It is the one method that cannot be disabled.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authenticationmethods

Total 644 questions
Go to page: of 65
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms